1) Register your app
Create a client app in DirhamClub and get your clientId and clientSecret. Configure allowed origins.
Developer Integration Hub
Everything technical for integrating DirhamClub into your web app: widget sessions, server-to-server wallet APIs, account linking flow, and full API docs.
How integration works
2) Link user identities
After widget auth, store returned dirhamUserId in your user model.
3) Embed and transact
Generate widget session from backend, embed /widget/wallet, and use server APIs for debit/credit/check.
Widget-based wallet UI
DirhamClub hosts wallet UI pages. Your app embeds them with short-lived session tokens.
<iframe
src="https://dirhamclub.example.com/widget/wallet?session=SESSION_TOKEN"
allow="payment *;"
></iframe>Server-to-server APIs
Get wallet
GET /api/server/wallet
Check balance
GET /api/server/wallet/check-balance
Debit / Credit
POST /api/server/wallet/debitPOST /api/server/wallet/credit
Security best practices
Secrets stay on backend
Never expose clientSecret in frontend code.
Short-lived sessions
Use widget sessions with short expiry and renew from backend as needed.
Validate postMessage origin
Verify event.origin before processing widget messages.